﻿using System;
using System.IdentityModel.Policy;
using System.IdentityModel.Claims;
using System.Collections.Generic;
using System.ServiceModel;
using System.Collections.ObjectModel;

namespace ClaimPolicyAddIns
{
	public class CustomAuthorizationPolicy : IAuthorizationPolicy
	{
		public bool Evaluate(EvaluationContext evaluationContext, ref object state)
		{
			IList<Claim> claims = new List<Claim>();
			ReadOnlyCollection<ClaimSet> claimSets = OperationContext.Current.ServiceSecurityContext.AuthorizationContext.ClaimSets;

			foreach (ClaimSet cs in claimSets)
				foreach (Claim c in cs.FindClaims(ClaimTypes.Name, Rights.PossessProperty))
					claims.Add(c);

			claims.Add(new Claim(ClaimTypes.Email, "jhfigueiredo@netvisao.pt", Rights.PossessProperty));

			evaluationContext.AddClaimSet(this, new DefaultClaimSet(this.Issuer, claims));

			return true;
		}

		public ClaimSet Issuer
		{
			get { return ClaimSet.System; }
		}

		public string Id
		{
			get { return "CustomAuthorizationPolicy"; }
		}
	}
}
